[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACT ION :draft-ietf-pkix-scvp- 00.txt))
>
> >4) As for 3), but the Smartcard uses biometrics - thumb-print, signature,
> >eye-scan. I guess this is much safer - provided you don't get gory!
>
> As noted in another message, if one admits the ability to open up the card,
> then the biometric protection is probably not very interesting. Note that
> the average college physical lab has all one needs to successfully open up
> almost all of these cards and extract private keys, these days, and the
> info on how to do this is being published, removing that barries as well.
>
Furthermore, one has to implicitely trust the biometric reader. biometric
authentication only really works if the reader is owned by the user.
Otherwise, the authentication is subject to replay.
PatC
References: